There is a new concerning cyber threat targeting Gmail users, and it’s crucial not to overlook it. Hackers are continuously devising new strategies to breach consumer accounts, and falling for their latest scheme could result in the compromise of email and other personal accounts.
The recent threat, identified by the Malwarebytes team, specifically aims at Gmail users, making it easy for unsuspecting individuals to be ensnared in the scam.
The scam initiates with a deceptive message purporting to be from Google’s Support service, claiming an attempted breach of the account and necessitating a password reset. To enhance credibility, some victims even receive a follow-up phone call after the email.
Hackers employ this tactic to acquire the security code sent by Google during a password reset. Once successful, they can illicitly access the account and pilfer significant personal information.
According to Malwarebytes, victims receive an email or call alleging a hack attempt on their account, advising them to reset the password for protection. Subsequently, a separate email is sent to the victim for the account reset, tricking them into entering their login details. The email contains a code that the victim must provide for verification, which the scammers exploit to hijack the account during the reset process.
While the extent of the issue remains uncertain, several Google users have reported being targeted in recent times. One Google account holder shared on Reddit their experience of the scammer trying to take over the account during a phone call.
To add credibility, the scammer instructed the victim to verify their call-back number, only to discover it was a ruse when attempting to reach a human on the line.
If you receive any communication from Google instructing an account reset, exercise caution, as it is likely a fraudulent attempt.
Google has addressed the matter, cautioning users against divulging any information to such fraudulent sources. The company emphasized that these contacts and websites are not affiliated with Google and may request payment for supposed support services, reiterating that Google does not charge for account recovery or password changes. Additionally, Google clarified that it does not offer phone support for Gmail-related issues, and any such calls are not endorsed by Google.